WildDragonLLC/dragonflight
1
0
Fork 0
Code Issues 32 Pull requests 1 Projects Releases Packages Wiki Activity Actions

fix(auth+bugs): optional auth bypass, login routes, conform column name, panel metadata fields, login page: auth.js

Browse source
This commit is contained in:
Zac Gaetano 2026-05-15 23:40:10 -04:00
parent 583b3f0ad6
commit 069c20ad43
1 changed files with 12 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
services/mam-api/src/middleware/auth.js
View file

@ -1,4 +1,16 @@
/**
* Authentication middleware.
*
* When AUTH_ENABLED=true in the environment, every protected route requires
* an active session (set by POST /api/v1/auth/login).
*
* When AUTH_ENABLED is unset or any other value, the middleware is a no-op
* so the stack can be deployed and tested without setting up users first.
* Set AUTH_ENABLED=true in production after running POST /api/v1/auth/setup
* to create the first admin account.
*/
export const requireAuth = (req, res, next) => { export const requireAuth = (req, res, next) => {
if (process.env.AUTH_ENABLED !== 'true') return next();
if (!req.session || !req.session.userId) { if (!req.session || !req.session.userId) {
return res.status(401).json({ error: 'Unauthorized' }); return res.status(401).json({ error: 'Unauthorized' });
} }